UserLock provides Windows Network Access Control and Security to Government State Traffic Department.
By restricting, controlling and monitoring network access for over 2000 authorized users, UserLock helps Departamento Estadual de Trânsito de Pernambuco in Brazil protect sensitive data and mitigate insider threats.
The need to control and secure ‘traffic’ to the network
In such an organization like the State Traffic Department, unauthorized access to information, whether it is from inside or outside the organization, can have serious consequences. It is therefore of utmost importance for the department to be able to enforce security rules that control network and data access.
To meet these needs with native Active Directory security, several Group Policies were in place for software restriction and approved audit, a strict password setting policy (based on size, history and approval frequency) was enforced and all admin access was restricted to only support users.
Despite these measures the IT department noted several on-going security risks linked to user behavior and their network access, often without the users even being aware of the risks at hand. For example, access to the network out of business hours, connection from unauthorized external locations, and, very frequently, password sharing.
“Network security is a critical problem for most companies, and security in Windows-based networks relies heavily on a user’s login credentials”, said Antônio Oliveira, Network Manager. “The problem is that native Windows-based network controls does not limit the number of possible logins for a single user. On many occasions, users give their passwords to colleagues or other people, without being aware that this can cause them serious trouble: a user’s login is their signature and any problem related to it becomes their responsibility. By limiting the number of concurrent logins, the network is better protected.”
Solving these issues required a whole new level of access security and user login management, in order to eliminate these risk factors and better protect information on the group’s network.
Windows Network Access Control & Security with UserLock
Research from Pernambuco led the Department to UserLock. UserLock addresses very specific but important gaps in managing the security of Windows Infrastructures.
With advice from Symmetry (our distributor in Brazil) in evaluating the solution and running Proof of Concept, Pernambuco tested the software in their own specific environment. They found that UserLock met exactly the department needs to be able to restrict access of network users, limit access per user, and prevent concurrent logins. The team also found the solution extremely effective in helping with the audits conducted by the organization.
In addition, the ability to receive alerts on suspicious access events, coupled to the possibility to take control via remote session when needed, also proved to be a significant plus.
“With UserLock, we have an effective network access management tool that is very simple to manage and easy to understand.” says Antônio Oliveira.
Reduced Risk to Data Security Breaches through effective Network Access Management and Monitoring
UserLock has helped reduce the risk of security breaches to the organization’s data and realize time savings when it comes to monitoring, auditing and reacting to suspicious access events.
- Through the prevention of concurrent logins for 95% of their users, password sharing between users has now been stopped.
- Access to users can now be restricted and limited based on multiple criteria, including workstation or devices, time, business hours and connection type.
- All user access can be monitored in real-time with IT able to remotely and instantly react to any suspicious events.
- Time spent manually monitoring and auditing network access has been reduced by up to 90%, freeing up resources for other tasks.